What’s new in this version?

cognitix Threat Defender version 20211027.0.0 rolls out a number of new features and improvements. Find out what’s new below.

Upgrade Compatibility

The following previous versions are compatible with cognitix Threat Defender version 20211027.0.0:

To view the release notes of previous versions, see Previous Releases.

cognitix Threat Defender version 20211027.0.0 is compatible with genucenter 7.5 and genucenter 8.0.

New Features and Improvements

Improved genucenter Connection

  • cognitix Threat Defender sends more information to genucenter. In particular, recent incident and audit logs are transmitted as well as hardware information.

  • You now have better control over when information is sent to genucenter. You can specify a time interval to automatically send information to genucenter. You can also manually transmit information immediately.

IDS/IPS Improvements

  • cognitix Threat Defender now supports IPS alerts based on SSH and SMTP.

  • The Threats > Overview dashboard now displays policy events.

  • The Assets dashboard under Analytics now displays incidents triggered by assets.

User Interface Improvements

  • For available updates, cognitix Threat Defender now shows a link to the respective update page.

  • We improved the clarity of the dashboards.

  • We unified the order of table columns in the Diagnostics screens.

  • Email notifications sent by cognitix Threat Defender now comply with the corporate design scheme.

Documentation Improvements

The HTML version of the manual now has a copy button for example code snippets.

System Improvements

  • We improved the memory budget handling of the processing engine.

  • We upgraded the operating system of cognitix Threat Defender to CentOS 8.4.

  • We updated DPDK to version 20.11.

  • We updated the DPI engine.

Important Fixed Issues

  • When backups of the assets and/or users databases are restored, the relations between assets and asset users are now correctly restored.

    Note

    This only applies to newly created backups. Older backups do not contain assets/users relations.

  • As of now, new configuration backups will also correctly restore the states of IPS rules.

  • We fixed several issues with the audit logs:

    • They now correctly show usernames and user IP addresses.

    • We fixed the timestamp format.

    • The audit logs now correctly generate events for manually created backups and changes of the asset settings.

  • The default bridge configuration can no longer be disabled when there is no manual bridge configuration.

  • It is no longer possible to accidentally create duplicate asset users.

  • We fixed an issue with tmp files that filled up the memory.

  • We fixed a systemd handle leak.

  • If users with insufficient rights try to upload a system update file, they will now see the correct error message.

Upgrade Instructions and Requirements

For information on the hardware requirements needed to install this release version, see the system requirements.

For instructions on how to install the new version, see Updating cognitix Threat Defender.